Book Image

Microsoft Windows Azure Development Cookbook

By : Neil Mackenzie
Book Image

Microsoft Windows Azure Development Cookbook

By: Neil Mackenzie

Overview of this book

The Windows Azure platform is Microsoft's Platform-as-a-Service environment for hosting services and data in the cloud. It provides developers with on-demand computing, storage, and service connectivity capabilities that facilitate the hosting of highly scalable services in Windows Azure datacenters across the globe. This practical cookbook will show you advanced development techniques for building highly scalable cloud-based services using the Windows Azure platform. It contains over 80 practical, task-based, and immediately usable recipes covering a wide range of advanced development techniques for building highly scalable services to solve particular problems/scenarios when developing these services on the Windows Azure platform. Packed with reusable, real-world recipes, the book starts by explaining the various access control mechanisms used in the Windows Azure platform. Next you will see the advanced features of Windows Azure Blob storage, Windows Azure Table storage, and Windows Azure Queues. The book then dives deep into topics such as developing Windows Azure hosted services, using Windows Azure Diagnostics, managing hosted services with the Service Management API, using SQL Azure and the Windows Azure AppFabric Service Bus. You will see how to use several of the latest features such as VM roles, Windows Azure Connect, startup tasks, and the Windows Azure AppFabric Caching Service.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Windows Azure Development Cookbook
Neil Mackenzie
Aug, 2011 | 392 pages
No titles found
Table of Contents (16 chapters)
Microsoft Windows Azure Development Cookbook
Microsoft Windows Azure Development Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Controlling Access in the Windows Azure Platform
Controlling Access in the Windows Azure Platform
Introduction
Managing Windows Azure Storage Service access keys
Connecting to the Windows Azure Storage Service
Using SetConfigurationSettingPublisher()
Connecting to the storage emulator
Managing access control for containers and blobs
Creating a Shared Access Signature for a container or blob
Using a container-level access policy
Authenticating against the Windows Azure Service Management REST API
Authenticating with the Windows Azure AppFabric Caching Service
2
Handling Blobs in Windows Azure
Handling Blobs in Windows Azure
Introduction
Setting properties and metadata for a blob
Using blob directories
Creating and using a blob snapshot
Creating and using the root container for blobs
Uploading blocks to a block blob
Uploading a VHD into a page blob
Downloading a blob asynchronously
Optimizing blob uploads and downloads
Using retry policies with blob operations
Copying a blob with the Windows Azure Storage Service REST API
Leasing a blob using the Protocol classes in the Windows Azure Storage Client Library
Using the Windows Azure Content-Delivery Network (CDN)
3
Going NoSQL with Windows Azure Tables
Going NoSQL with Windows Azure Tables
Introduction
Creating a table
Creating a data model and context for an entity
Using entity group transactions
Diagnosing problems when using the Table service
Handling concurrency with the Table service
Choosing a PartitionKey and RowKey for a table
Using continuation tokens and server-side paging
Performing asynchronous queries
Performing queries in parallel
Handling the WritingEntity and ReadingEntity events
4
Disconnecting with Windows Azure Queues
Disconnecting with Windows Azure Queues
Introduction
Managing Windows Azure queues
Adding messages to a queue
Retrieving messages from a queue
Storing large amounts of data for a message
Implementing a backoff when polling a queue
Identifying and handling poison messages
5
Developing Hosted Services for Windows Azure
Developing Hosted Services for Windows Azure
Introduction
Choosing the service model for a hosted service
Choosing which Windows Azure storage type to use
Configuring the service model for a hosted service
Hosting multiple websites in a web role
Providing a custom domain name for a hosted service
Implementing HTTPS in a web role
Sharing session state with the Windows Azure AppFabric Caching Service
Using local storage in an instance
Using startup tasks in a Windows Azure Role
Managing upgrades and changes to a hosted service
Handling changes to the configuration and topology of a hosted service
Using an Azure Drive in a hosted service
Using the Azure Drive simulation in thedevelopment environment
Using a VM Role
Using Windows Azure Connect
Consuming data from the Windows Azure MarketPlace DataMarket
Using Web Deploy with Windows Azure
6
Digging into Windows Azure Diagnostics
Digging into Windows Azure Diagnostics
Introduction
Initializing the configuration of Windows Azure Diagnostics
Using a configuration file with Windows Azure Diagnostics
Using the Windows Azure Diagnostics trace listener
Performing an on-demand transfer
Implementing custom logging
Accessing data persisted to Windows Azure Storage
Using the Windows Azure Platform PowerShell cmdlets to configure Windows Azure Diagnostics
Using IntelliTrace to diagnose problems with a hosted service
7
Managing Hosted Services with the Service Management API
Managing Hosted Services with the Service Management API
Introduction
Creating a Windows Azure hosted service
Deploying an application into a hosted service
Upgrading an application deployed to a hosted service
Retrieving the properties of a hosted service
Autoscaling with the Windows Azure Service Management REST API
Using the Windows Azure Platform PowerShell cmdlets
8
Using SQL Azure
Using SQL Azure
Introduction
Provisioning a SQL Azure Server
Creating a SQL Azure database
Migrating a database to SQL Azure
Measuring SQL Azure usage
Connecting to SQL Azure with ADO.NET
Handling connection failures to SQL Azure
Scaling out SQL Azure into the Windows Azure Blob Service
9
Looking at the Windows Azure AppFabric
Looking at the Windows Azure AppFabric
Introduction
Creating a namespace for the Windows Azure AppFabric
Using the Service Bus as a relay service
Using Service Bus events
Using a Service Bus message buffer
Using the Windows Azure AppFabric Caching service
Index
Index

Using a container-level access policy

A shared access policy comprises a set of permissions (read, write, delete, list) combined with start and expiration times for validity of the policy. There are no restrictions on the start and expiration times for a shared access policy. A container-level access policy is a shared access policy associated by name with a container. A maximum of five container-level access policies can be associated simultaneously with a container, but each must have a distinct name.

A container-level access policy improves the management of shared access signatures. There is no way to retract or otherwise disallow a standalone shared access signature once it has been created. However, a shared access signature created from a container-level access policy has validity dependent on the container-level access policy. The deletion of a container-level access policy causes the revocation of all shared access signatures derived from it and they can no longer be used to authenticate a storage request. As they can be revoked at any time, there are no time restrictions on the validity of a shared access signature derived from a container-level access policy.

The container-level access policies for a container are set and retrieved as a SharedAccessPolicies collection of named SharedAccessPolicy objects. The SetPermissions() and GetPermissions() methods of the CloudBlobContainer class set and retrieve container-level access policies. A container-level access policy can be removed by retrieving the current SharedAccessPolicies, removing the specified policy, and then setting the SharedAccessPolicies on the container again.

A shared access signature is derived from a container-level access policy by invoking the CloudBlobContainer.GetSharedAccessSignature()passing in the name of the container-level access policy and an empty SharedAccessPolicy instance. It is not possible to modify the validity of the shared-access signature by using a non-empty SharedAccessPolicy.

In this recipe, we will learn how to manage container-level access policies and use them to create shared access signatures.

Getting ready

This recipe assumes the following is in the application configuration file:

<appSettings>
   <add key="DataConnectionString"value="DefaultEndpointsProtocol=https;AccountName={ACCOUNT_NAME};AccountKey={ACCOUNT_KEY}"/>
</appSettings>

We must replace {ACCOUNT_NAME} and {ACCOUNT_KEY} with appropriate values for the account name and access key.

How to do it...

We are going to create, use, modify, revoke, and delete a container-level access policy. We do this as follows:

  1. Add a class named ContainerLevelAccessPolicyExample to the project.

  2. Add the following using statements to the top of the class file:

    using Microsoft.WindowsAzure;
using Microsoft.WindowsAzure.StorageClient;
using System.Configuration;

  3. Add the following private members to the class:

    private Uri blobEndpoint;
private CloudBlobContainer cloudBlobContainer;

  4. Add the following constructor to the class:

    ContainerLevelAccessPolicyExample()
{
   CloudStorageAccount cloudStorageAccount =CloudStorageAccount.Parse(ConfigurationManager.AppSettings["DataConnectionString"]);
   blobEndpoint = cloudStorageAccount.BlobEndpoint;

   CloudBlobClient cloudBlobClient =cloudStorageAccount.CreateCloudBlobClient();
   cloudBlobContainer =new CloudBlobContainer(containerName, cloudBlobClient);
   cloudBlobContainer.Create();
}

  5. Add the following method, creating a container-level access policy, to the class:

    private void AddContainerLevelAccessPolicy(String policyId)
{
   DateTime startTime = DateTime.UtcNow;
   SharedAccessPolicy sharedAccessPolicy =new SharedAccessPolicy()
   {
      Permissions = SharedAccessPermissions.Read |SharedAccessPermissions.Write,
      SharedAccessStartTime = startTime,
      SharedAccessExpiryTime = startTime.AddDays(3d)
   };

   BlobContainerPermissions blobContainerPermissions =new BlobContainerPermissions();
   blobContainerPermissions.SharedAccessPolicies.Add(policyId, sharedAccessPolicy);

   blobContainer.SetPermissions(blobContainerPermissions);
}

  6. Add the following method, getting a shared access signature using the container-level access policy, to the class:

    private String GetSharedAccessSignature(String policyId)
{
   SharedAccessPolicy sharedAccessPolicy =new SharedAccessPolicy();
   String sharedAccessSignature =cloudBlobContainer.GetSharedAccessSignature(sharedAccessPolicy, policyId);
   
   return sharedAccessSignature;
}

  7. Add the following method, modifying the container-level access policy, to the class:

    private void ModifyContainerLevelAccessPolicy(String policyId)
{
   BlobContainerPermissions blobContainerPermissions =cloudBlobContainer.GetPermissions();

   DateTime sharedAccessExpiryTime =(DateTime)blobContainerPermissions.SharedAccessPolicies[policyId].SharedAccessExpiryTime;
   blobContainerPermissions.SharedAccessPolicies[policyId].SharedAccessExpiryTime =
       sharedAccessExpiryTime.AddDays(1d);

   blobContainer.SetPermissions(blobContainerPermissions);
}

  8. Add the following method, revoking a container-level access policy, to the class:

    private void RevokeContainerLevelAccessPolicy(String policyId)
{
   BlobContainerPermissions containerPermissions =cloudBlobContainer.GetPermissions();
   
   SharedAccessPolicy sharedAccessPolicy =containerPermissions.SharedAccessPolicies[policyId];
   containerPermissions.SharedAccessPolicies.Remove(policyId);
   containerPermissions.SharedAccessPolicies.Add(policyId + "1", sharedAccessPolicy);
   
   cloudBlobContainer.SetPermissions(containerPermissions);
}

  9. Add the following method, deleting all container-level access policies, to the class:

    private void DeleteContainerLevelAccessPolicies()
{
   BlobContainerPermissions blobContainerPermissions =new BlobContainerPermissions();

   blobContainer.SetPermissions(blobContainerPermissions);
}

  10. Add the following method, using the methods added earlier, to the class:

    public static void UseContainerLevelAccessPolicyExample()
{
   String containerName = "{CONTAINER_NAME}";String policyId = "{POLICY_NAME}";

   ContainerLevelAccessPolicyExample example =new ContainerLevelAccessPolicyExample(containerName);

   example.AddContainerLevelAccessPolicy(policyId);
   String sharedAccessSignature1 =example.GetSharedAccessSignature(policyId);

   example.ModifyContainerLevelAccessPolicy(policyId);
   String sharedAccessSignature2 =example.GetSharedAccessSignature(policyId);
   example.RevokeContainerLevelAccessPolicy(policyId);
   String sharedAccessSignature3 =example.GetSharedAccessSignature(policyId + "1");

   example.DeleteContainerLevelAccessPolicies();
}

How it works...

In steps 1 and 2, we set up the class. In step 3, we add some private members which we initialize in the constructor we add in step 4. We also create a container in the constructor.

In step 5, we create a SharedAccessPolicy instance and add it to the SharedAccessPolicies property of a BlobContainerPermissions object. Finally, we pass this and a policy name into a SetPermissions() method of the CloudBlobContainer class to create a container-level access policy name for the container.

In step 6, we get a shared access signature for a container with a specified container-level access policy. We initialize a CloudStorageAccount from the application configuration and use this to get a CloudBlobContainer instance for a specified container. Finally, we pass the policy name into the CloudBlobContainer.GetSharedAccessSignature() method to get a shared access signature for the container.

In step 7, we again get a CloudBlobContainer instance for the container and invoke GetPermissions() on it to retrieve the shared access policies for the container. We then add one day to the expiration date for a specified container-level access policy. Finally, we invoke CloudBlobContainer.SetPermissions() to update the container-level access policies for the container.

In step 8, we revoke an existing container-level access policy and create a new container-level policy with the same SharedAccessPolicy and a new policy name. We again use GetPermissions() to retrieve the shared access policies for the container and then invoke the Remove() and Add() methods of the SharedAccessPolicies class to perform the revocation. Finally, we invoke CloudBlobContainer.SetPermissions() to update the container-level access policies for the container.

In step 9, we delete all container-level access policies for a container. We create a default BlobContainerPermissions instance and pass this into CloudBlobContainer.SetPermissions() to remove all the container-level access policies for the container.

In step 10, we add a helper method that invokes all the methods we added earlier. We need to replace {CONTAINER_NAME} and {POLICY_NAME} with the names of a container and a policy for it.

Previous Section
End of Section 9
Next Section